Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2095
Views
0
Helpful
4
Replies

WLC WebAuth Certificate and WebAdmin Certificate

Go to solution
brianalster
Level 1
Level 1

‎01-09-2019 06:23 AM - edited ‎07-05-2021 09:40 AM

We had to RMA one of our WLC 8510 (running 8.3.143.0).  The replacement is up and running and we've restored the saved configuration from the old one.....

 

We are able to https: into the GUI on the new unit, but i am having issues trying to install a "Web auth/Certificate" that one of my SSID's uses (Courtesy Internet).

 

After doing a lot of "googling", I am getting confused.  Do I need to generate a new WebAdmin certificate, or can I just generate a WebAuth?  There is a bunch of warnings that if i generate a new CSR I need to install the resulting certificate of I'll break my HTTPS connection (after the next reboot), but it does not specify which type of CSR it is referencing.

 

I've generated a new WebAuth CSR, and I've sent it over to get it signed.  If I can get it to successfully install, do I need to anything else to keep my https connectivity working after I reboot (to finish installing the WebAuth cert)???

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-09-2019 07:28 AM

if the new certificate signed by CA(locally or CA authoritty) and these are acceptable internal devices (like laptop or ipad or mobile device) you good to go - i do not see any issue.

 

but can you tell me is this in HA environment ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-09-2019 07:28 AM

if the new certificate signed by CA(locally or CA authoritty) and these are acceptable internal devices (like laptop or ipad or mobile device) you good to go - i do not see any issue.

 

but can you tell me is this in HA environment ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
brianalster
Level 1
Level 1
In response to balaji.bandi

‎01-09-2019 08:24 AM

It is not in a HA...  I have two controllers, but they are not running HA.  The AP's have primary and secondary controllers configured.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to brianalster

‎01-09-2019 09:59 AM

So you can fail over the IP to active controllers and reboot this WLC  i guess.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
brianalster
Level 1
Level 1
In response to balaji.bandi

‎01-09-2019 10:37 AM

yes... this allows me to upgrade code and install certificates (reboots) without the clients suffering thru a maintenance window.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card